Pool A Flashcards
1
Q
Which of the following is an AWS managed Domain Name System (DNS) web service? A. Amazon Route 53 B. Amazon Neptune C. Amazon SageMaker D. Amazon Lightsail
A
Answer: A
2
Q
A company wants to reduce the physical compute footprint that developers use to run code. Which service
would meet that needby enabling serverless architectures?
A. Amazon Elastic Compute Cloud (Amazon EC2)
B. AWS Lambda
C. Amazon DynamoDB
D. AWS CodeCommit
A
Answer: B
Explanation:
AWS Lambda is an integral part of coding on AWS. It reduces physical compute footprint by utilizing
awscloud services to run code.
3
Q
Where can AWS compliance and certification reports be downloaded? A. AWS Artifact B. AWS Concierge C. AWS Certificate Manager D. AWS Trusted Advisor
A
Answer: A
Explanation:
WS Artifact is yourgo-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’s security and compliance reports and select online agreements. The AWS
SOC 2 report is particularly helpful for completing questionnaires because it provides a comprehensive
description of the implementation and operating effectiveness of AWS security controls. Another useful
document is the Executive Briefing within the AWS FedRAMP Partner Package.
4
Q
Which AWSservice would you use to obtain compliance reports and certificates? A. AWS Artifact B. AWS Lambda C. Amazon Inspector D. AWS Certificate Manager
A
Explanation:
AWS Artifact is your go-to, central resource for compliance-related information that matters toyou. It
provides on-demand access to AWS’ security and compliance reports and select online agreements.
Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card
Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance
verticals that validate the implementation and operating effectiveness of AWS security controls.
Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the
NondisclosureAgreement (NDA).
5
Q
A customer would like to design and build a new workload on AWS Cloud but does not have the
AWS-related software technical expertise in-house.
Which of the following AWSprograms can a customer take advantage of to achieve that outcome?
A. AWS Partner Network Technology Partners
B. AWS Marketplace
C. AWS Partner Network Consulting Partners
D. AWS Service Catalog
A
Answer: C
6
Q
Under the shared responsibility model, which of the following tasks are the responsibility of the AWS
customer? (Select TWO.)
A. Ensuring that application data is encrypted at rest
B. Ensuring that AWS NTP servers areset to the correct time
C. Ensuring that users have received security training in the use of AWS services
D. Ensuring that access to data centers is restricted
E. Ensuring that hardware is disposed of properly
A
Answer: A C
7
Q
Which AWS services should be used for read/write of constantly changing data? (Select TWO.) A. Amazon Glacier B. Amazon RDS C. AWS Snowball D. Amazon Redshift E. Amazon EFS
A
Answer: B E
Explanation:
https://aws.amazon.com/efs/?nc2=type_a
8
Q
When performing a cost analysis that supports physical isolation of a customer workload, whichcompute
hosting model should be accounted for in the Total Cost of Ownership (TCO)?
A. Dedicated Hosts
B. Reserved Instances
C. On-Demand Instances
D. No Upfront Reserved Instances
A
Answer: A
Explanation:
Use Dedicated Hosts to launch Amazon EC2 instances on physical servers that are dedicated for your use.
Dedicated Hosts give you additional visibility and control over how instances are placed on a physical
server, and you can reliably use the same physical server over time. As a result, Dedicated Hosts enable
you to use your existing server-bound software licenses like Windows Server and address corporate
compliance and regulatory requirements.
9
Q
Which of the following Identity and Access Management (IAM) entities is associated with an access key ID
and secret access key when using AWS Command Line Interface (AWS CLI)?
A. IAM group
B. IAM user
C. IAM role
D. IAM policy
A
Answer: B
10
Q
Web servers running on Amazon EC2 access a legacyapplication running in a corporate data center. What term would describe this model? A. Cloud-native B. Partner network C. Hybrid architecture D. Infrastructure as a service
A
Answer: C
11
Q
Which of the following security-related services does AWS offer? (Select TWO.)
A. Multi-factorauthentication physical tokens
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection
A
Answer: C D
12
Q
Which AWS tools assist with estimating costs? (Select three.)
A. Detailed billing report
B. Cost allocation tags
C. AWS Simple Monthly Calculator
D. AWS Total Cost of Ownership (TCO) Calculator
E. Cost Estimator
A
Answer: B C D
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/estimating-aws-resource-costs/
13
Q
Which AWS Cost Management tool allows you to view the most granular data about your AWS bill? A. AWS Cost Explorer B. AWS Budgets C. AWS Cost and Usage report D. AWS Billing dashboard
A
Answer: C
Explanation:
The AWS Billing Console gives you access to the most comprehensive information about your AWS costs
and usage. To see how your costs are tracking month-to-date, and which AWS services are the main cost
drivers, check out the AWSBilling Dashboard. To access to the most comprehensive information about your
AWS costs and usage, you can download the AWS Cost & Usage Report. To view your bill for any previous
month, you can access the Bills page.https://aws.amazon.com/aws-cost-management/details/
14
Q
Which serviceenables risk auditing by continuously monitoring and logging account activity, including user
actions in the AWS Management Console and AWS SDKs?
A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS Config
D. AWS Health
A
Answer: B
15
Q
Which task is AWS responsible for in the shared responsibility model for security and compliance?
A. Granting access to individuals and services
B. Encrypting data in transit
C. Updating Amazon EC2 host firmware
D. Updating operating systems
A
Answer: C
16
Q
Which AWS feature will reduce the customer’s total cost of ownership (TCO)? A. Shared responsibility security model B. Single tenancy C. Elastic computing D. Encryption
A
Answer: C
Explanation:
https://aws.amazon.com/compliance/shared-responsibility-model/
17
Q
Which of the following are features of Amazon CloudWatch Logs?(Select TWO.)
A. Summaries by Amazon Simple Notification Service (Amazon SNS)
B. Free Amazon Elasticsearch Service analytics
C. Provided at no charge
D. Real-time monitoring
E. Adjustable retention
A
Answer: D E
Explanation:
https://aws.amazon.com/cloudwatch/faqs/
18
Q
One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:
A. it allows thebusiness to eliminate IT bills.
B. it allows the business to put a server in each customer’s data center.
C. it allows the business to focus on business activities.
D. it allows the business to leave servers unpatched.
A
Answer: C
19
Q
Which of the following AWS services can be used to serve large amounts of online video content with the lowest possible latency? (Select TWO.) A. appGateway B. Amazon S3 C. Amazon Elastic File System (EFS) D. Amazon Glacier E. Amazom CloudFront
A
Answer: B E
Explanation:
https://aws.amazon.com/pt/blogs/networking-and-content-delivery/amazon-s3-amazon-cloudfront-a-match
-mad
20
Q
Which AWS services are defined as global instead of regional? (Select TWO.) A. Amazon Route 53 B. Amazon EC2 C. Amazon S3 D. Amazon CloudFront E. Amazon DynamoDB
A
Answer: A D
21
Q
What is the AWS customer responsible for according to the AWS shared responsibility model? A. Physical access controls B. Data encryption C. Secure disposal of storage devices D. Environmental risk management
A
Answer: B
22
Q
Which of the following is a correctrelationship between regions, Availability Zones, and edge locations?
A. Data centers contain regions.
B. Regions contain Availability Zones.
C. Availability Zones contain edge locations.
D. Edge locations contain regions.
A
Answer: B
23
Q
Which AWS services can host a Microsoft SQL Server database? (Select TWO.)
A. Amazon EC2
B. Amazon Relational Database Service (Amazon RDS)
C. Amazon Aurora
D. Amazon Redshift
E. Amazon S3
A
Answer: A B
24
Q
Where are AWS compliance documents, such as an SOC 1 report, located? A. Amazon Inspector B. AWS CloudTrail C. AWS Artifact D. AWS Certificate Manager
A
Answer: C
25
```
The AWS Cloud’s multiple Regions are an example of:
A. agility.
B. globalinfrastructure.
C. elasticity.
D. pay-as-you-go pricing.
```
Answer: B
Explanation:
https://aws.amazon.com/blogs/apn/architecting-multi-region-saas-solutions-on-aws/
26
What is Amazon CloudWatch?
A. A code repository with customizable build and team commit features.
B. A metrics repository with customizable notification thresholds and channels.
C. A security configuration repository with threat analytics.
D. A rule repository of a web application firewall with automated vulnerability prevention features.
Answer: B
Explanation:
Amazon CloudWatch is basically a metrics repository. An AWS service — such as Amazon EC2 — puts
metrics intothe repository, and you retrieve statistics based on those metrics. If you put your own custom
metrics into the repository, you can retrieve statistics on these metrics as well.
27
```
Whichservices can be used across hybrid AWS Cloud architectures? (Select TWO.)
A. Amazon Route 53
B. Virtual Private Gateway
C. Classic Load Balancer
D. Auto Scaling
E. Amazon CloudWatch default metrics
```
Answer: A B
Explanation:
https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-clo
ud-w AWS released Amazon Route 53 Resolver for hybrid cloud in November 2018.This makes migration
to cloud and hybrid architectures easier by solving many DNS challenges.
28
```
Which AWS characteristics make AWS cost effective for a workload with dynamic user demand? (Select
TWO.)
A. High availability
B. Shared security model
C. Elasticity
D. Pay-as-you-go pricing
E. Reliability
```
Answer: C D
29
```
Which ofthe following are characteristics of Amazon S3? (Select TWO.)
A. A global file system
B. An object store
C. A local file store
D. A network file system
E. A durable storage system
```
Answer: B E
Explanation:
Build scalable, durable, and secure backup and restore solutions with Amazon S3 and other AWS services,
such as S3 Glacier, Amazon EFS, and Amazon EBS, to augment or replace existing on-premises
capabilities.https://aws.amazon.com/s3/
30
```
Which of the following is a fast and reliable NoSQL database service?
A. Amazon Redshift
B. Amazon RDS
C. Amazon DynamoDB
D. Amazon S3
```
Answer: C
31
A characteristic of edge locations is that they:
A. host Amazon EC2 instances closer to users.
B. help lower latency and improve performance for users.
C. cache frequently changing data without reaching the originserver.
D. refresh data changes daily.
Answer: C
Explanation:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html
32
```
Which of the following inspects AWS environments to find opportunities that can save money for users and
also improve system performance?
A. AWS Cost Explorer
B. AWS Trusted Advisor
C. Consolidated billing
D. Detailed billing
```
Answer: B
33
Which of the following is a benefit of using the AWS Cloud?
A. Permissive security removes the administrative burden.
B. Ability to focus on revenue-generating activities.
C. Control over cloud network hardware.
D. Choice ofspecific cloud hardware vendors.
Answer: A
Explanation:
Developer and IT staff productivity accounted for nearly 30% of overall financial benefits. The remaining
benefits were driven by the flexibility and agility of Amazon cloud infrastructure services, which makeit
easier to trial new business models, support revenue-generating applications, and provide more reliable
services to end users.
34
Which of the following steps should be taken by a customer when conducting penetration testing on AWS?
A. Conduct penetration testing using Amazon Inspector, and then notify AWS support.
B. Request and wait for approval from the customer’s internal security team, and then conduct testing.
C. Notify AWS support, and thenconduct testing immediately.
D. Request and wait for approval from AWS support, and then conduct testing.
Answer: B
Explanation:
AWS customers are welcome to carry out security assessments or penetration tests against their AWS
infrastructure without prior approvalfor 8 services.
35
```
Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Convertible Reserved Instances
```
Answer: C
Explanation:
In the new model, the Spot prices are more predictable, updated less frequently, and are determined by
supply and demand for Amazon EC2 spare capacity, not bid prices.
36
```
What AWS team assists customers withaccelerating cloud adoption through paid engagements in any of
several specialty practice areas?
A. AWS Enterprise Support
B. AWS Solutions Architects
C. AWS Professional Services
D. AWS Account Managers
```
Answer: C
Explanation:
https://aws.amazon.com/professional-services/
37
```
Which AWS service provides a customized view of the health of specific AWS services that power a
customer’s workloads running on AWS?
A. AWS Service Health Dashboard
B. AWS X-Ray
C. AWS Personal Health Dashboard
D. Amazon CloudWatch
```
Answer: C
38
```
According to best practices, how should an application be designed to run in the AWS Cloud?
A. Use tighly coupled components.
B. Use loosely coupled components.
C. Use infrequently coupled components.
D. Use frequently coupled components.
```
Answer: B
39
Which is a recommended pattern for designing a highly available architecture on AWS?
A. Ensure thatcomponents have low-latency network connectivity.
B. Run enough Amazon EC2 instances to operate at peak load.
C. Ensure that the application is designed to accommodate failure of any single component.
D. Use a monolithic application that handles alloperations.
Answer: C
40
```
Which service should a customer use to consolidate and centrally manage multiple AWS accounts?
A. AWS IAM
B. AWS Organizations
C. AWS Schema Conversion Tool
D. AWS Config
```
Answer: B
41
```
How many Availability Zones should compute resources be provisioned across to achieve high availability?
A. A minimum of one
B. A minimum of two
C. A minimum of three
D. A minimum of four or more
```
Answer: B
42
```
Which Amazon EC2 instance pricing model can provide discounts of up to 90%?
A. ReservedInstances
B. On-Demand
C. Dedicated Hosts
D. Spot Instances
```
Answer: D
43
Compared with costs in traditional and virtualized data centers, AWS has:
A. greater variable costs and greater upfront costs.
B. fixed usage costs and lower upfront costs.
C. lower variable costs and greater upfront costs.
D. lower variable costs and lower upfront costs.
Answer: D
44
```
Which of the following Amazon EC2 pricing models allow customers to use existing server-bound software
licenses?
A. Spot Instances
B. Reserved Instances
C. Dedicated Hosts
D. On-Demand Instances
```
Answer: C
45
```
Which AWS service should be used for long-term, low-cost storage of data backups?
A. Amazon RDS
B. Amazon Glacier
C. AWS Snowball
D. AWS EBS
```
Answer: B
Explanation:
Amazon S3 Glacier is a secure, durable, and low-cost storageclass of S3 for data archiving and long-term
backup. Customers can store large or small amounts of data for as little as $0.004 per gigabyte per month.
The S3 Glacier storage class is ideal for archives where data is regularly retrieved and some of the data
may be needed in minutes.
Amazon RDS is a relational database service that hosts databases. It helps you create and manage
databases. Amazon Snowball is a petabyte-scale data transfer service that provides cost efficient data
transfer to AWS from tamperproof physical devices. Similarly, Elastic block storage offers persistent block
storage volumes for EC2 instances.
46
Which of the following are advantages of AWS consolidated billing?(Select TWO.)
A. The ability to receive one bill for multiple accounts
B. Service limits increasing by default in all accounts
C. A fixed discount on the monthly bill
D. Potential volume discounts, as usage in all accounts is combined
E. The automatic extension of the master account’s AWS support plan to all accounts
Answer: A D
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/support-consolidated-billing/
47
The financial benefits of using AWS are: (Select TWO.)
A. reduced Total Cost of Ownership (TCO).
B. increased capital expenditure (capex).
C. reduced operational expenditure (opex).
D. deferred payment plans for startups.
E. business credit lines for stratups.
Answer: A D
48
Where should a company go to search software listings from independent software vendors to find, test,
buy and deploy software that runs on AWS?
A. AWSMarketplace
B. Amazon Lumberyard
C. AWS Artifact
D. Amazon CloudSearch
Answer: A
Explanation:
AWS Marketplace is a digital catalog with thousands of software listings from independent software
vendors that make it easy to find, test, buy, and deploy software that runs on AWS.
49
A company is migrating an application that is running non-interruptible workloads for athree-year time frame.
Which pricing construct would provide the MOST cost-effective solution?
A. Amazon EC2 Spot Instances
B. Amazon EC2 Dedicated Instances
C. Amazon EC2 On-Demand Instances
D. Amazon EC2 Reserved Instances
Answer: D
50
```
If a customer needs to audit the change management of AWS resources, which of the followingAWS
services should the customer use?
A. AWS Config
B. AWS Trusted Advisor
C. Amazon CloudWatch
D. Amazon Inspector
```
Answer: A
Explanation:
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS
resources. Config continuously monitors and records your AWS resource configurations and allows you to
automate the evaluation of recorded configurations against desired configurations. With Config, you can
review changes in configurations and relationships between AWS resources, dive into detailed resource
configuration histories, and determine your overall compliance against the configurations specified in your
internal guidelines. This enables you to simplify compliance auditing, security analysis, change
management, and operational troubleshooting.
51
```
Which servicestores objects, provides real-time access to those objects, and offers versioning and lifecycle
capabilities?
A. Amazon Glacier
B. AWS Storage Gateway
C. Amazon S3
D. Amazon EBS
```
Answer: C
52
```
The use of what AWS feature or service allows companies to track and categorize spending on a detailed
level?
A. Cost allocation tags
B. Consolidated billing
C. AWS Budgets
D. AWS Marketplace
```
Answer: A
Explanation:https://docs.aws.amazon.com/it_it/marketplace/latest/buyerguide/cost-allocation-tagging-ami-marketplace.
html
53
Which of the following Reserved Instance (RI) pricing models provides the highest average savings
compared to On-Demand pricing?
A. One-year, No Upfront, Standard RI pricing
B. One-year, All Upfront, Convertible RI pricing
C. Three-year, All Upfront, Standard RI pricing
D. Three-year, No Upfront, Convertible RI pricing
Answer: C
54
```
What costs are included when comparing AWS Total Cost of Ownership (TCO) with on-premises TCO?
A. Project management
B. Antivirussoftware licensing
C. Data center security
D. Software development
```
Answer: C
Explanation:
https://media.amazonwebservices.com/AWS_TCO_Web_Applications.pdf
55
Which of the following components of the AWS Global Infrastructure consists of one or more discrete data
centers interconnected through lowlatency links?
A. Availability Zone
B. Edge location
C. Region
D. Private networking
Answer: A
56
```
Which of the following services will automatically scale with an expected increase in web traffic?
A. AWS CodePipeline
B. Elastic Load Balancing
C. Amazon EBS
D. AWS Direct Connect
```
Answer: B
Explanation:
Reference:https://aws.amazon.com/elasticloadbalancing/
Automatically scale your applications Elastic Load Balancing provides confidence that your applications will
scale to the demands of your customers. With the ability to trigger Auto Scaling for your Amazon
EC2instance fleet when latency of any one of your EC2 instances exceeds a preconfigured threshold, your
applications will always be ready to serve the next customer request
https://aws.amazon.com/ebs/
57
Which statement best describes Elastic Load Balancing?
A. It translates a domain name into an IP address using DNS.
B. It distributes incoming application traffic across one or more Amazon EC2instances.
C. It collects metrics on connected Amazon EC2 instances.
D. It automatically adjusts the number of Amazon EC2 instances to support incoming traffic.
Answer: B
58
```
Whatis the lowest-cost, durable storage option for retaining database backups for immediate retrieval?
A. Amazon S3
B. Amazon Glacier
C. Amazon EBS
D. Amazon EC2 Instance Store
```
Answer: A
59
What is the benefit of using AWS managed services,such as Amazon ElastiCache and Amazon Relational
Database Service (Amazon RDS)?
A. They require the customer to monitor and replace failing instances.
B. They have better performance than customer-managed services.
C. They simplify patching and updatingunderlying OSs.
D. They do not require the customer to optimize instance type or size selections.
Answer: C
60
```
A customer needs to run a MySQL database that easily scales. Which AWS service should they use?
A. Amazon Aurora
B. Amazon Redshift
C. Amazon DynamoDB
D. Amazon ElastiCache
```
Answer: A
61
```
Which is the MINIMUM AWS Support plan that allows for one-hour target response time for support cases?
A. Enterprise
B. Business
C. Developer
D. Basic
```
Answer: B
62
Which of the following can limit Amazon Storage Service (Amazon S3) bucket access to specific users?
A. A public and private key-pair
B. Amazon Inspector
C. AWS Identity and Access Management (IAM) policies
D. Security Groups
Answer: C
63
What is an example of agility in the AWS Cloud?
A. Access to multiple instance types
B. Access to managed services
C. Using Consolidated Billing to produce one bill
D. Decreased acquisition time for newcompute resources
Answer: D
64
```
Which AWSservice can be used to manually launch instances based on resource requirements?
A. Amazon EBS
B. Amazon S3
C. Amazon EC2
D. Amazon ECS
```
Answer: C
65
Which of the following is a shared control between the customer and AWS?
A. Providing a key for Amazon S3 client-side encryption
B. Configuration of an Amazon EC2 instance
C. Environmental controls of physical AWS data centers
D. Awareness and training
Answer: D
66
Which of the following security-related actions are available at no cost?
A. Calling AWS Support
B. Contacting AWS Professional Services to request a workshop
C. Accessing forums, blogs, and whitepapers
D. Attending AWS classes at a local university
Answer: C
67
```
Which service allows a company with multiple AWS accountsto combine its usage to obtain volume
discounts?
A. AWS Server Migration Service
B. AWS Organizations
C. AWS Budgets
D. AWS Trusted Advisor
```
Answer: B
Explanation:
use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple
AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. Every organization in AWS
Organizations has a master account that pays the charges of all the member accounts.
Consolidated billing has the following benefits:
68
```
Which AWS managed service is used to hostdatabases?
A. AWS Batch
B. AWS Artifact
C. AWS Data Pipeline
D. Amazon RDS
```
Answer: D
Explanation: Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a
relational database in the cloud. It provides cost-efficient and resizable capacity while automating
time-consuming administration tasks such as hardware provisioning, database setup, patching and
backups. It frees you to focus on your applications so you can give them the fast performance, high
availability, security and compatibility they need.
69
What is one of theadvantages of the Amazon Relational Database Service (Amazon RDS)?
A. It simplifies relational database administration tasks.
B. It provides 99.99999999999% reliability and durability.
C. It automatically scales databases for loads.
D. It enabledusers to dynamically adjust CPU and RAM resources.
Answer: A
Explanation:
https://aws.amazon.com/rds/
70
```
Which AWS service provides alerts when an AWS event may impact a company’s AWS resources?
A. AWS Personal Health Dashboard
B. AWS Service Health Dashboard
C. AWS Trusted Advisor
D. AWS Infrastructure Event Management
```
Answer: A
Explanation:
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing
events that may impact you. While the Service Health Dashboard displays the general status of AWS
services, Personal HealthDashboard gives you a personalized view into the performance and availability of
the AWS services underlying your AWS resources.
71
```
Which of the following AWS Cloud services can be used to run a customer-managed relational database?
A. Amazon EC2
B. Amazon Route 53
C. Amazon ElastiCache
D. AmazonDynamoDB
```
Answer: A
72
A customer is using multiple AWS accounts with separate billing.
How can the customer take advantage of volume discounts with minimal impact to the AWS resources?
A. Create one global AWS acount and move all AWS resources to tha account.
B. Sign up for three years of ReservedInstance pricing up front.
C. Use the consolidated billing feature from AWS Organizations.
D. Sign up for the AWS Enterprise support plan to get volume discounts.
Answer: C
73
AWS supports which of the following methods to add security to Identity and Access Management (IAM)
users? (Select TWO.)
A. Implementing Amazon Rekognition
B. Using AWSShield-protected resources
C. Blocking access with Security Groups
D. Using Multi-Factor Authentication (MFA)
E. Enforcing password strength and expiration
Answer: D E
74
```
Which AWS service provides the ability to manage infrastructure as code?
A. AWS CodePipeline
B. AWS CodeDeploy
C. AWS Direct Connect
D. AWS CloudFormation
```
Answer: D
Explanation:
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure
resources in your cloud environment. CloudFormation allows you to use a simple text file to model and
provision, in an automated and secure manner, all the resources needed for your applications across all
regions and accounts. This file serves as the single source of truth for your cloud environment.
https://containersonaws.com/introduction/infrastructure-as-code/
75
Which service provides a virtually unlimited amount of online highly durable object storage?
A. Amazon Redshift
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon S3
Answer: D
76
What approach to transcoding a large number of individual video files adheres to AWS architecture
principles?
A. Using many instances in parallel
B. Using a single large instance during off-peak hours
C. Using dedicated hardware
D. Using a large GPU instance type
Answer: A
77
Under the shared responsibility model, which of the following is the customer responsible for?
A. Ensuring that disk drives are wiped after use.
B. Ensuring that firmware is updated on hardware devices.
C. Ensuring that data is encrypted at rest.
D. Ensuring that network cables are category six or higher.
Answer: C
Explanation:
AWS for a self-hosted database that requires a nightly shutdown for maintenance andcost-saving purposes
78
```
For which auditing process does AWS have sole responsibility?
A. AWS IAM policies
B. Physical security
C. Amazon S3 bucket policies
D. AWS CloudTrail Logs
```
Answer: B
79
```
Which of the following services could be used to deploy an application to servers running on-premises?
(Select TWO.)
A. AWS Elastic Beanstalk
B. AWS OpsWorks
C. AWS CodeDeploy
D. AWS Batch
E. AWS X-Ray
```
Answer: B C
80
A company is looking for a scalable data warehouse solution.
Which of the following AWS solutions would meet the company’s needs?
A. Amazon Simple Storage Service (Amazon S3)
B. Amazon DynamoDB
C. AmazonKinesis
D. Amazon Redshift
Answer: D
81
Which of the Reserved Instance (RI) pricing models can change the attributes of the RI as long as the
exchange results in the creation of RIs of equal or greater value?
A. Dedicated RIs
B. Scheduled RIs
C. Convertible RIs
D. Standard RIs
Answer: C
82
```
Which of the following are categories of AWS Trusted Advisor? (Select TWO.)
A. Fault Tolerance
B. InstanceUsage
C. Infrastructure
D. Performance
E. Storage Capacity
```
Answer: A D
Explanation:
Like your customized cloud expert, AWS Trusted Advisor analyzes your AWS environment and provides
best practice recommendations in five categories: cost optimization,performance, security, fault tolerance
and service limits
83
Under the AWS shared responsibility model, which of the following activities are the customer’s
responsibility? (Select TWO.)
A. Patching operating system components for Amazon Relational Database Server (Amazon RDS)
B. Encrypting data on the client-side
C. Training the data centerstaff
D. Configuring Network Access Control Lists (ACL)
E. Maintaining environmental controls within a data center
Answer: B D
84
```
Under the shared responsibility model, which of the following is a shared control between a customer and
AWS?
A. Physical controls
B. Patch management
C. Zone security
D. Data center auditing
```
Answer: C
Explanation:
Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in
completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the
infrastructure and the customer must provide their own control implementation within their use of AWS
services. Examples include:
85
```
Which of thefollowing is an advantage of consolidated billing on AWS?
A. Volume pricing qualification
B. Shared access permissions
C. Multiple bills per account
D. Eliminates the need for tagging
```
Answer: A
Explanation:
If you have multiple standalone accounts, yourcharges might decrease if you add the accounts to an
organization. AWS combines usage from all accounts in the organization to qualify you for volume pricing
discounts.
86
```
Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based
AWS and on-premises servers?
A. Amazon S3
B. Amazon Glacier
C. Amazon EBS
D. Amazon EFS
```
Answer: D
Explanation:
Explanation:
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file
system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to
petabytes without disrupting applications, growing and shrinking automatically as you add and remove files,
eliminating the need to provision and manage capacity to accommodate growth.
Amazon EFS is designed to provide the throughput, IOPS, and low latency needed for Linux workloads.
Throughput and IOPS scale as a file system grows and can burst to higher throughput levels for short
periods of time to support the unpredictable performance needs of file workloads. For the most demanding
workloads, Amazon EFS can support performance over 10GB/sec and up to 500,000 IOPS.
87
```
When architecting cloud applications, which of the following are a key design principle?
A. Use the largest instance possible
B. Provision capacity for peak load
C. Use the Scrum development process
D. Implement elasticity
```
Answer: D
Explanation:
https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf
88
Which storage service can be used as a low-cost option for hosting static websites?
A. Amazon Glacier
B. Amazon DynamoDB
C. Amazon Elastic File System (Amazon EFS)
D. Amazon Simple Storage Service (Amazon S3)
Answer: D
89
```
Distributingworkloads across multiple Availability Zones supports which cloud architecture design principle?
A. Implement automation.
B. Design for agility.
C. Design for failure.
D. Implement elasticity.
```
Answer: C
Explanation:
https://www.slideshare.net/AmazonWebServices/best-practices-for-architecting-in-the-cloud-jeff-barr/10-D
esig Application Deployment and Data replication"
90
Which of the following AWS features enables a user to launch a pre-configured Amazon Elastic Compute
Cloud (Amazon EC2) instance?
A. Amazon Elastic Block Store (Amazon EBS)
B. Amazon Machine Image
C. Amazon EC2Systems Manager
D. Amazon AppStream 2.0
Answer: B
Explanation:
To use Amazon EC2, you simply:
91
```
Which AWS service allows companies to connect an Amazon VPC to anon-premises data center?
A. AWS VPN
B. Amazon Redshift
C. API Gateway
D. Amazon Direct Connect
```
Answer: D
Explanation:
AWS Direct Connect enables you to securely connect your AWS environment to your on-premises data
center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection. AWS Direct
Connect offers dedicated high speed, low latency connection, which bypasses internet service providers in
your network path. An AWS Direct Connect location provides access to Amazon Web Services in the
region it is associated with, as well as access to other US regions. AWS Direct Connect allows you to
logically partition the fiber-optic connections into multiple logical connections called Virtual Local Area
Networks (VLAN). You can take advantageof these logical connections to improve security, differentiate
traffic, and achieve compliance requirements.
92
```
Which of the following are valid ways for a customer to interactwith AWS services? (Select TWO.)
A. Command line interface
B. On-premises
C. Software Development Kits
D. Software-as-a-service
E. Hybrid
```
Answer: A C
93
```
Which design principles for cloud architecture are recommended when re-architecting a large monolithic
application? (Select TWO.)
A. Use manual monitoring.
B. Use fixed servers.
C. Implement loose coupling.
D. Rely on individual components.
E. Design for scalability.
```
Answer: C E
Explanation:
https://www.architech.ca/re-architect-applications/
94
```
Which of the following is the customer’s responsibility under the AWS shared responsibility model?
A. Patching underlying infrastructure
B. Physical security
C. Patching Amazon EC2 instances
D. Patching network infrastructure
```
Answer: C
95
How would an AWS customer easily apply common access controls to a large set of users?
A. Apply an IAM policy to an IAM group.
B. Apply an IAM policyto an IAM role.
C. Apply the same IAM policy to all IAM users with access to the same workload.
D. Apply an IAM policy to an Amazon Cognito user pool.
Answer: A
Explanation:
Instead of defining permissions for individual IAM users, it's usually more convenient to create groups that
relate to job functions (administrators, developers, accounting, etc.). Next, define the relevant permissions
for each group. Finally, assign IAM users to those groups. All the users in an IAM group inherit the
permissions assigned to thegroup. That way, you can make changes for everyone in a group in just one
place. As people move around in your company, you can simply change what IAM group their IAM user belongs to.
96
A company is considering using AWS for a self-hosted database that requires a nightly shutdown for
maintenance and cost-saving purposes.
Which service should the company use?
A. Amazon Redshift
B. Amazon DynamoDB
C. Amazon Elastic Compute Cloud (Amazon EC2) with Amazon EC2 instance store
D. Amazon EC2 with Amazon Elastic Block Store (Amazon EBS)
Answer: D
97
```
Which AWS IAM feature allows developers toaccess AWS services through the AWS CLI?
A. API keys
B. Access keys
C. User names/Passwords
D. SSH keys
```
Answer: B
Explanation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
Access keys are long-term credentials for an IAM user or the AWS account rootuser. You can use access
keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK)
98
```
Which feature of the AWSCloud will support an international company’s requirement for low latency to all of
its customers?
A. Fault tolerance
B. Global reach
C. Pay-as-you-go pricing
D. High availability
```
Answer: B
Explanation:
https://aws.amazon.com/blogs/startups/expanding-kloudlesss-global-reach-by-bridging-regions/
99
A customer is deploying a new application and needs to choose an AWS Region. Which of the following
factors could influence the customer’s decision? (Select TWO.)
A. Reduced latency to users
B. The application’s presentation in the locallanguage
C. Data sovereignty compliance
D. Cooling costs in hotter climates
E. Proximity to the customer’s office for on-site visits
Answer: A C
100
```
What technology enables compute capacity toadjust as loads change?
A. Load balancing
B. Automatic failover
C. Round robin
D. Auto Scaling
```
Answer: D
Explanation:
AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady,
predictable performance at the lowestpossible cost. Using AWS Auto Scaling, it’s easy to setup application
scaling for multiple resources across multiple services in minutes. The service provides a simple, powerful
user interface that lets you build scaling plans for resources including Amazon EC2 instances and Spot
Fleets, Amazon ECS tasks, Amazon DynamoDB tables and indexes, and Amazon Aurora Replicas. AWS
Auto Scaling makes scaling simple with recommendations that allow you to optimize performance, costs, or
balance between them. If you’realready using Amazon EC2 Auto Scaling to dynamically scale your Amazon EC2 instances, you can now combine it with AWS Auto Scaling to scale additional resources for
other AWS services. With AWS Auto Scaling, your applications always have the right resources at the right
time.
